Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

BoxLang: Our new JVM Dynamic Language made by Ortus! Check it out: https://www.boxlang.io

isJSON returns false negative when content contains Java Regex escape characters

Description

The following JSON string, used by the cbSecurity test suite, incorrectly returns false for isJSON:

[ { "whitelist": "user\\.login,user\\.logout,^main.*", "securelist": "^user\\.*, ^admin", "match": "event", "roles": "admin", "permissions": "", "redirect": "user.login" }, { "whitelist": "", "securelist": "^shopping", "match": "url", "roles": "", "permissions": "shop,checkout", "redirect": "user.login", "useSSL": true } ]

Stack from Jackson:

com.fasterxml.jackson.core.JsonParseException: Unrecognized character escape '.' (code 46) at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 3, column: 22] at app//com.fasterxml.jackson.core.JsonParser._constructReadException(JsonParser.java:2660) at app//com.fasterxml.jackson.core.base.ParserBase._handleUnrecognizedCharacterEscape(ParserBase.java:1379) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser._decodeEscaped(ReaderBasedJsonParser.java:2680) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser._finishString2(ReaderBasedJsonParser.java:2200) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser._finishString(ReaderBasedJsonParser.java:2173) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser.getText(ReaderBasedJsonParser.java:295) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.read(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.readFromObject(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.read(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.readCollectionFromArray(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.read(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.JSONReader.readValue(JSONReader.java) at app//com.fasterxml.jackson.jr.ob.JSON.anyFrom(JSON.java) at app//ortus.boxlang.runtime.bifs.global.decision.IsJSON._invoke(IsJSON.java:57)

Activity

Show:
Jon Clausen
changed the StatusDecember 6, 2024 at 2:41 PM
In Progress
Resolved
Jon Clausen
updated the ResolutionDecember 6, 2024 at 2:41 PM
None
Fixed
Jon Clausen
updated the DescriptionDecember 6, 2024 at 2:20 PM
The following JSON string, used by the cbSecurity test suite, incorrectly returns {{false}} for isJSON: {code:json}[ { "whitelist": "user\\.login,user\\.logout,^main.*", "securelist": "^user\\.*, ^admin", "match": "event", "roles": "admin", "permissions": "", "redirect": "user.login" }, { "whitelist": "", "securelist": "^shopping", "match": "url", "roles": "", "permissions": "shop,checkout", "redirect": "user.login", "useSSL": true } ]{code}
The following JSON string, used by the cbSecurity test suite, incorrectly returns {{false}} for isJSON: {code:json}[ { "whitelist": "user\\.login,user\\.logout,^main.*", "securelist": "^user\\.*, ^admin", "match": "event", "roles": "admin", "permissions": "", "redirect": "user.login" }, { "whitelist": "", "securelist": "^shopping", "match": "url", "roles": "", "permissions": "shop,checkout", "redirect": "user.login", "useSSL": true } ]{code} Stack from Jackson: {noformat}com.fasterxml.jackson.core.JsonParseException: Unrecognized character escape '.' (code 46) at [Source: REDACTED (`StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION` disabled); line: 3, column: 22] at app//com.fasterxml.jackson.core.JsonParser._constructReadException(JsonParser.java:2660) at app//com.fasterxml.jackson.core.base.ParserBase._handleUnrecognizedCharacterEscape(ParserBase.java:1379) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser._decodeEscaped(ReaderBasedJsonParser.java:2680) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser._finishString2(ReaderBasedJsonParser.java:2200) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser._finishString(ReaderBasedJsonParser.java:2173) at app//com.fasterxml.jackson.core.json.ReaderBasedJsonParser.getText(ReaderBasedJsonParser.java:295) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.read(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.readFromObject(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.read(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.readCollectionFromArray(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.AnyReader.read(AnyReader.java) at app//com.fasterxml.jackson.jr.ob.impl.JSONReader.readValue(JSONReader.java) at app//com.fasterxml.jackson.jr.ob.JSON.anyFrom(JSON.java) at app//ortus.boxlang.runtime.bifs.global.decision.IsJSON._invoke(IsJSON.java:57){noformat}
Jon Clausen
changed the StatusDecember 6, 2024 at 2:19 PM
Open
In Progress
Jon Clausen
created the IssueDecember 6, 2024 at 2:19 PM
Fixed
Pinned fields
Click on the next to a field label to start pinning.

Details

Assignee

Reporter

Fix versions

Priority

Sentry

Created December 6, 2024 at 2:19 PM
Updated December 6, 2024 at 2:41 PM
Resolved December 6, 2024 at 2:41 PM

Flag notifications